$msg .= 'alert(\'' . __('You are not authorized to view this section') . '\');' . "\n"; $msg .= 'top.location.href = \'' . UCS_WEB_ROOT_DIR . 'index.php?p=login\';' . "\n"; $msg .= '</script>' . "\n"; // unset cookie admin flag setcookie('ucs_admin_logged_in', false, time() - 86400, UCS_WEB_ROOT_DIR); simbio_security::destroySessionCookie($msg, UCS_SESSION_COOKIES_NAME, UCS_WEB_ROOT_DIR . 'admin', true); } // checking session checksum $unauthorized = $_SESSION['checksum'] != md5($_SERVER['SERVER_ADDR'] . UCS_BASE_DIR . 'admin'); if ($unauthorized) { $msg = '<div style="padding: 5px; border: 1px dotted #FF0000; color: #FF0000;">'; $msg .= __('You are not authorized to view this section'); $msg .= '</div>' . "\n"; // unset cookie admin flag setcookie('ucs_admin_logged_in', false, time() - 86400, UCS_WEB_ROOT_DIR); simbio_security::destroySessionCookie($msg, UCS_SESSION_COOKIES_NAME, UCS_WEB_ROOT_DIR . 'admin', true); } // check for session timeout $curr_timestamp = time(); $timeout = $curr_timestamp - $_SESSION['logintime'] >= $sysconf['session_timeout']; if ($timeout) { $msg = '<div style="padding: 5px; border: 1px dotted #FF0000; color: #FF0000;">'; $msg .= __('Your Login Session has already timeout!') . ' <a target="_top" href="' . UCS_WEB_ROOT_DIR . 'index.php?p=login">Re-Login</a>'; $msg .= '</div>' . "\n"; // unset cookie admin flag setcookie('ucs_admin_logged_in', false, time() - 86400, UCS_WEB_ROOT_DIR); simbio_security::destroySessionCookie($msg, UCS_SESSION_COOKIES_NAME, UCS_WEB_ROOT_DIR . 'admin', true); } else { // renew session logintime $_SESSION['logintime'] = time(); }
// create logon class instance $logon = new member_logon($username, $password, $sysconf['auth']['member']['method']); if ($sysconf['auth']['member']['method'] === 'LDAP') { $ldap_configs = $sysconf['auth']['member']; } if ($logon->valid($dbs)) { // write log utility::writeLogs($dbs, 'member', $username, 'Login', 'Login success for member ' . $username . ' from address ' . $_SERVER['REMOTE_ADDR']); header('Location: index.php?p=member'); exit; } else { // write log utility::writeLogs($dbs, 'member', $username, 'Login', 'Login FAILED for member ' . $username . ' from address ' . $_SERVER['REMOTE_ADDR']); // message $msg = '<div class="errorBox">' . __('Login FAILED! Wrong username or password!') . '</div>'; simbio_security::destroySessionCookie($msg, MEMBER_COOKIES_NAME, SWB, false); } } } // check if member already login if (!$is_member_login) { ?> <div class="tagline"><?php echo __('Library Member Login'); ?> </div> <?php // captcha invalid warning if (isset($_GET['captchaInvalid']) && $_GET['captchaInvalid'] === 'true') { echo '<div class="errorBox">' . __('Wrong Captcha Code entered, Please write the right code!') . '</div>'; }
die; } // check session $unauthorized = !isset($_SESSION['uid']) and !isset($_SESSION['uname']) and !isset($_SESSION['realname']); if ($unauthorized) { $msg = '<script type="text/javascript">' . "\n"; $msg .= 'alert(\'' . __('You are not authorized to view this section') . '\');' . "\n"; $msg .= 'location.href = \'' . SENAYAN_WEB_ROOT_DIR . 'index.php?p=login\';' . "\n"; $msg .= '</script>' . "\n"; simbio_security::destroySessionCookie($msg, SENAYAN_SESSION_COOKIES_NAME, SENAYAN_WEB_ROOT_DIR, true); } // checking session checksum $unauthorized = $_SESSION['checksum'] != md5($_SERVER['SERVER_ADDR'] . SENAYAN_BASE_DIR); if ($unauthorized) { $msg = '<div style="padding: 5px; border: 1px dotted #FF0000; color: #FF0000;">'; $msg .= __('You are not authorized to view this section'); $msg .= '</div>' . "\n"; simbio_security::destroySessionCookie($msg, SENAYAN_SESSION_COOKIES_NAME, SENAYAN_WEB_ROOT_DIR, true); } // check for session timeout $curr_timestamp = time(); $timeout = $curr_timestamp - $_SESSION['logintime'] >= $sysconf['session_timeout']; if ($timeout) { $msg = '<div style="padding: 5px; border: 1px dotted #FF0000; color: #FF0000;">'; $msg .= __('Your Login Session has already timeout!') . ' <a href="' . SENAYAN_WEB_ROOT_DIR . 'index.php?p=login">Re-Login</a>'; $msg .= '</div>' . "\n"; simbio_security::destroySessionCookie($msg, SENAYAN_SESSION_COOKIES_NAME, SENAYAN_WEB_ROOT_DIR, true); } else { // renew session logintime $_SESSION['logintime'] = time(); }
* This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA * */ // key to authenticate define('INDEX_AUTH', '1'); /* Library Automation logout */ // required file require '../sysconfig.inc.php'; // start the session require SB . 'admin/default/session.inc.php'; // write log utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'system', $_SESSION['realname'] . ' Log Out from application from address ' . $_SERVER['REMOTE_ADDR']); // redirecting pages $msg = '<script type="text/javascript">'; if ($sysconf['logout_message']) { $msg .= 'alert(\'' . __('You Have Been Logged Out From Library Automation System') . '\');'; } $msg .= 'location.href = \'' . SWB . 'index.php?p=login\';'; $msg .= '</script>'; // unset admin cookie flag setcookie('admin_logged_in', true, time() - 86400, SWB); // completely destroy session cookie simbio_security::destroySessionCookie($msg, COOKIES_NAME, SWB . 'admin/', true);